Initial implementation of appvm-based OS

2020-01-04 20:58:00 +00:00 · 2020-01-04 20:58:00 +00:00 · 5526cbee02
parent 7d6d524b67
commit 5526cbee02
6 changed files with 127 additions and 0 deletions
--- a/os/.gitignore
+++ b/os/.gitignore
@ -0,0 +1,3 @@
+target.nix
+result
+nixos.qcow2
--- a/os/Makefile
+++ b/os/Makefile
@ -0,0 +1,20 @@
+test: vm cleanup
+
+vm:
+	ln -sf vm.nix target.nix
+	nix-build '<nixpkgs/nixos>' -A vm -I nixos-config=configuration.nix
+	@echo "Use Ctrl-Alt-Q to close VM" | grep --color=always '.*'
+	./result/bin/run-nixos-vm -cpu host
+
+cleanup:
+	rm -f nixos.qcow2
+	unlink result
+
+iso:
+	@echo "Not yet available. Use \`make live-iso\`." | grep --color=always '.*'
+
+live-iso:
+	ln -sf live-iso.nix target.nix
+	nix-build '<nixpkgs/nixos>' -A config.system.build.isoImage -I nixos-config=configuration.nix
+	cp result/iso/* appvm.iso
+	unlink result
--- a/os/README.md
+++ b/os/README.md
@ -0,0 +1,11 @@
+# $Placeholder OS
+
+The primary goal of appvm is to provide application VMs as a tool, but some people ask for a complete distro so why not.
+
+## Usage
+
+    make test
+
+or
+
+    make live-iso
--- a/os/configuration.nix
+++ b/os/configuration.nix
@ -0,0 +1,82 @@
+{ config, pkgs, lib, ... }:
+
+let
+  appvm = (pkgs.buildGoPackage {
+    # TODO ../default.nix
+    name = "appvm";
+    goPackagePath = "code.dumpstack.io/tools/appvm";
+    goDeps = ../deps.nix;
+    src = builtins.fetchGit {
+      url = "https://code.dumpstack.io/tools/appvm.git";
+      ref = "master";
+    };
+    buildInputs = [ pkgs.makeWrapper ];
+    postFixup = ''
+      wrapProgram $bin/bin/appvm \
+        --prefix PATH : "${lib.makeBinPath [ pkgs.nix pkgs.virt-viewer ]}"
+    '';
+  });
+in {
+  imports = [
+    ./target.nix
+    #./hardware-configuration.nix
+  ];
+
+  time.timeZone = "UTC";
+
+  boot.loader.systemd-boot.enable = true;
+
+  # You can not use networking.networkmanager with networking.wireless
+  networking.wireless.enable = false;
+
+  systemd.services."init-nix-channels" = {
+    enable = true;
+    serviceConfig = {
+      ExecStartPre = "${pkgs.su}/bin/su root -c '${pkgs.nix}/bin/nix-channel --update'";
+      ExecStart = "/bin/sh";
+      Restart = "on-failure";
+      RestartSec = "5";
+      TimeoutSec = "120";
+    };
+  };
+
+  systemd.timers."init-nix-channels" = {
+    timerConfig.OnBootSec = "30s";
+    timerConfig.Unit = "init-nix-channels.service";
+    wantedBy = ["timers.target"];
+  };
+
+  users.users.user = {
+    isNormalUser = true;
+    extraGroups = [ "audio" "libvirtd" ];
+  };
+
+  virtualisation.libvirtd = {
+    enable = true;
+    qemuVerbatimConfig = ''
+      namespaces = []
+      user = "user"
+      group = "users"
+    '';
+  };
+
+  # TODO run ${appvm}/bin/appvm autoballoon each second
+
+  environment.systemPackages = with pkgs; [
+    appvm virtmanager chromium
+    # Cache packages required for application VMs
+    xmonad-with-packages spice-vdagent bc qemu_test slim
+  ];
+
+  services.xserver.enable = true;
+  services.xserver.displayManager.gdm = {
+    enable = true;
+    wayland = false;            # FIXME
+    autoLogin = {
+      enable = true;
+      user = "user";
+    };
+  };
+
+  services.xserver.desktopManager.gnome3.enable = true;
+}
--- a/os/live-iso.nix
+++ b/os/live-iso.nix
@ -0,0 +1,6 @@
+{
+  imports = [
+    #<nixpkgs/nixos/modules/profiles/hardened.nix>
+    <nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
+  ];
+}
--- a/os/vm.nix
+++ b/os/vm.nix
@ -0,0 +1,5 @@
+{
+  # vm.nix is used for testing only
+  users.users.root.initialPassword = "root";
+  virtualisation.memorySize = 8196;
+}